Required privileges Syntax Parameters Examples

CREATE ROLE

Creates a new custom role that is a collection of permissions. For a list of Amazon Redshift system-defined roles, see Amazon Redshift system-defined roles. Query SVV_ROLES to view the currently created roles in your cluster or workgroup.

There is a quota of the number of roles that can be created. For more information, see Quotas and limits in Amazon Redshift in the Amazon Redshift Management Guide.

Required permissions

Following are the required privileges for CREATE ROLE.

Superuser
Users with the CREATE ROLE privilege

Syntax


CREATE ROLE role_name
[ EXTERNALID external_id ]

Parameters

role_name

The name of the role. The role name must be unique and can't be the same as any user names. A role name can't be a reserved word.

A superuser or regular user with the CREATE ROLE privilege can create roles. A user that is not a superuser but that has been granted USAGE to the role WITH GRANT OPTION and ALTER privilege can grant this role to anyone.

EXTERNALID external_id

The identifier for the role, which is associated with an identity provider. For more information, see Native identity provider (IdP) federation for Amazon Redshift.

Examples

The following example creates a role sample_role1.


CREATE ROLE sample_role1;

The following example creates a role sample_role1, with an external ID that is associated with an identity provider.


CREATE ROLE sample_role1 EXTERNALID "ABC123";

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

CREATE RLS POLICY

CREATE SCHEMA